Re: [RFC v2 4/7] modsig: add integrity_module_check hook

From: Rusty Russell
Date: Tue Sep 04 2012 - 01:59:07 EST


Dmitry Kasatkin <dmitry.kasatkin@xxxxxxxxx> writes:
> +#else
> +static inline int integrity_module_check(const void *buf, unsigned long len)
> +{
> + return 0;
> +}
> +#endif
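
Review bot: The disabled-config stub returns 0, but the caller in this patch stores the return value in info->len, so a build without the hook would set the module length to zero. The stub should return len, and since len is unsigned long the return type should be long rather than int, so a large length is not truncated and a negative errno can still be reported.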

...

> + err = integrity_module_check(hdr, len);
> + if (err < 0)
> + goto free_hdr;
> +
> + /* cut signature tail */
> + info->len = err;
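
Review bot: `info->len = err` reuses the error variable as the trimmed module length, which hides the hook's return contract and depends on every implementation, including the stub, returning a valid length on success. A separate long variable for the result would make this clearer, and the hook's declaration should carry a comment stating that it returns a negative errno on failure and otherwise the length with the signature tail removed.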

This is a bug.

Firstly, you want the 'long' not 'int' as the return value from
integrity_module_check(). But mainly, you want it to return 'len' not
0.

I'd also prefer it to be *immediately* after we copy from userspace.

Cheers,
Rusty.